Same here. They also have minimum electricity consumption requirements to discourage any clever DIY solutions. I think grid defection could become very popular quite soon, especially as home battery systems like Tesla Powerwall take off.
At some point hopefully there will be enough pressure on the electric utilities from off-grid home renewable power that their pet laws will be taken behind the shed and they'll be forced to play nice.
Yes, tools that use secret vulnerabilities. If there were no vulnerabilities, or if they were not kept secret and subsequently patched, the tools would be useless and the payloads would never be put in place.
I am going to assume you meant it's always been stupid how browsers handled unauthenticated HTTPS certs. At the very least its necessary to warn about unauthenticated connections for all browser users, uneducated and experts alike. However, power users should be allowed to enable a switch to avoid glaring popup messages about SSL certificates. Ultimately this is solved via extensions since this is not a use-case for the typical browser user, so your complaint is really one of personal inconvenience.
Everyone's personal convenience, not just mine. There's no reason the typical browser user should see any warning for self-signed HTTPS that would not also be displayed for an HTTP connection, it's in no way more dangerous. Browser developers are effectively giving handouts to the CA industry and hindering adoption of HTTPS by halting with an error when encountering self-signed HTTPS certificates.
I agree with you, but I think browsers should treat HTTPS connections with self-signed certs the same as HTTP connections, as in not halting the connection with a giant warning page and forcing the user to jump through hoops before getting to the site. Let them through with the same little warning symbol now displayed for an HTTP connection. An HTTPS connection with a self-signed cert is in no way more dangerous than an HTTP connection.
They're a little better in that the fact that they come from a cert authority gives you some assurance that you're not being MITM'd. But it has always been stupid that browsers treat an HTTPS connection with a self-signed cert differently to an HTTP connection.
And these are weapons that the enemy can just stumble upon anywhere out in the world. A cyberweapon is really just a secret, but it's a decent (if tortured) analogy to think of them as camouflaged, remote-detonatable explosives that are hiding all over the place. The world is almost made of these bombs just waiting for someone to figure out how to set them off, and if we identify them we can neutralize them all without much trouble. But if we keep secret the fact that a certain kind of tree will go off like a nuclear bomb if you shine a green laser at it so that the NSA can blow up terrorists' bases via the shrubberies, then we're also making it possible for ISIS to stumble upon the alternative use of that tree and set off nukes on everyone's front lawn.
The trouble with that idea is that every new user would have thousands of bigots to block, unlike in real life. Until they've all been blocked, the site could resemble at least a moderate storm of racial slurs.
Clearly the solution is to stop policing speech and let every commercial web service turn into a swirling maelstrom of racial slurs. That's an equal-opportunity system where the number of slurs being posted is proportional to typing speed and people's creativity in coming up with shorter slurs, with no jackbooted moderators meddling in the martketplace of ideas (for racial slurs).
I'm thinking that "don't work at all" may be the lesser of two evils: A sub-livable wage exploits workers and amounts to an unorganized form of corporate welfare. If you keep people from working for such low pay, even if it means less income for them, it cuts off the corporate welfare stream that was available to all companies paying sub-livable wages and ensures that those who still have jobs can support themselves.
As for those who can't find work anymore? Well, what to do with the ever-increasing number of ever-more-skilled people our lovely capitalist system has no need for is another question, and we won't answer it any faster by papering the problem over with sub-livable-wage jobs...
Yep, Google's been too late to learn the power of not putting everything under one monolithic company. They only recently made some basic divisions under Alphabet in an attempt to skirt EU antitrust laws (unsuccessfully).
He understands how to put on a show. He's a showman first and foremost. He's a reality TV star, and has a lifetime of experience as mascot for his company.
Even if he's still in office for the next round of elections, the Democrats would have to fuck up even more mightily than last time for him to have a chance at getting back in. The people who wouldn't vote for him have seen what happens when they sit home and sulk instead of going out and voting, and I can't see them making that mistake again.
You call Gen. Y'ers a bunch of entitled thieves and at the same time, you think that it's wrong that working full-time jobs should pay them enough to afford food, housing, healthcare and security. You end with a note that unless you protect the fruits of your labor with government-backed force, you'll never get paid.
Does being so hypocritical cause you to bleed out of your ears?
I'm sure non-addicted smartphone users are a minority, but not a null set.
The bigger problem is that this study reminded all participants of their smartphones before taking the test, possibly stimulating their curiosity to check their messages etc. There should've been another group that received no instruction regarding their phones.
There are some days when I'm leaving work or even arrive home and I notice that my phone's battery still has a high charge, and I realize I never used my phone that day.
I've been thinking that this latest round of politicians asking for encryption backdoors is running on "Ask for a pony to get a dog" logic. If you ask for a dog, you get a hamster.
They know backdoors are impractical to impossible. But if they push for backdoors, tech companies will step up their censorship and user screening efforts. When they ask for greater censorship and screening, they get a "meh we're already doing that" response.
I've been thinking about setting up a GPLed encrypted chat client (maybe just a quick fork of Signal) explicitly for terrorists so we can put a stop to this crap. Call it Talkorrist maybe. Spread copies of it on torrent and darknet sites. Then we can say "No matter what laws you pass, Talkorrist will still be there, so quit it." It's more in-your-face than the fact that the PGP source code is printed in books out there. That's probably a bunch of useless Cody Wilson-type thinking but it would be satisfying. Society does need to accept the fact that unbreakable secret communication is now possible and we're all better off for it.
Slashdot Mirror
Same here. They also have minimum electricity consumption requirements to discourage any clever DIY solutions. I think grid defection could become very popular quite soon, especially as home battery systems like Tesla Powerwall take off.
At some point hopefully there will be enough pressure on the electric utilities from off-grid home renewable power that their pet laws will be taken behind the shed and they'll be forced to play nice.
Yes, tools that use secret vulnerabilities. If there were no vulnerabilities, or if they were not kept secret and subsequently patched, the tools would be useless and the payloads would never be put in place.
My first thought. The NSA would probably like to thank Google for compiling this "geo-wifi" information for them with their wardriving vehicles!
I am going to assume you meant it's always been stupid how browsers handled unauthenticated HTTPS certs. At the very least its necessary to warn about unauthenticated connections for all browser users, uneducated and experts alike. However, power users should be allowed to enable a switch to avoid glaring popup messages about SSL certificates. Ultimately this is solved via extensions since this is not a use-case for the typical browser user, so your complaint is really one of personal inconvenience.
Everyone's personal convenience, not just mine. There's no reason the typical browser user should see any warning for self-signed HTTPS that would not also be displayed for an HTTP connection, it's in no way more dangerous. Browser developers are effectively giving handouts to the CA industry and hindering adoption of HTTPS by halting with an error when encountering self-signed HTTPS certificates.
I agree with you, but I think browsers should treat HTTPS connections with self-signed certs the same as HTTP connections, as in not halting the connection with a giant warning page and forcing the user to jump through hoops before getting to the site. Let them through with the same little warning symbol now displayed for an HTTP connection. An HTTPS connection with a self-signed cert is in no way more dangerous than an HTTP connection.
They're a little better in that the fact that they come from a cert authority gives you some assurance that you're not being MITM'd. But it has always been stupid that browsers treat an HTTPS connection with a self-signed cert differently to an HTTP connection.
And these are weapons that the enemy can just stumble upon anywhere out in the world. A cyberweapon is really just a secret, but it's a decent (if tortured) analogy to think of them as camouflaged, remote-detonatable explosives that are hiding all over the place. The world is almost made of these bombs just waiting for someone to figure out how to set them off, and if we identify them we can neutralize them all without much trouble. But if we keep secret the fact that a certain kind of tree will go off like a nuclear bomb if you shine a green laser at it so that the NSA can blow up terrorists' bases via the shrubberies, then we're also making it possible for ISIS to stumble upon the alternative use of that tree and set off nukes on everyone's front lawn.
Thanks for being an evil cyber-mercenary...just kidding, actually fuck you.
That could work, it's a decent simulation of real-world network effects.
The trouble with that idea is that every new user would have thousands of bigots to block, unlike in real life. Until they've all been blocked, the site could resemble at least a moderate storm of racial slurs.
Clearly the solution is to stop policing speech and let every commercial web service turn into a swirling maelstrom of racial slurs. That's an equal-opportunity system where the number of slurs being posted is proportional to typing speed and people's creativity in coming up with shorter slurs, with no jackbooted moderators meddling in the martketplace of ideas (for racial slurs).
I'm thinking that "don't work at all" may be the lesser of two evils: A sub-livable wage exploits workers and amounts to an unorganized form of corporate welfare. If you keep people from working for such low pay, even if it means less income for them, it cuts off the corporate welfare stream that was available to all companies paying sub-livable wages and ensures that those who still have jobs can support themselves.
As for those who can't find work anymore? Well, what to do with the ever-increasing number of ever-more-skilled people our lovely capitalist system has no need for is another question, and we won't answer it any faster by papering the problem over with sub-livable-wage jobs...
Yep, Google's been too late to learn the power of not putting everything under one monolithic company. They only recently made some basic divisions under Alphabet in an attempt to skirt EU antitrust laws (unsuccessfully).
So in Ukraine, you CAN actually report someone to the Cyber Police! XD
He understands how to put on a show. He's a showman first and foremost. He's a reality TV star, and has a lifetime of experience as mascot for his company.
It's good for rich people Trump likes (including Trump) to dodge taxes, for anyone else it's bad. Simple.
In today's America, facts are leftist propaganda, and need to be "balanced" with alternative facts approved by the Dear (Orange) Leader.
Even if he's still in office for the next round of elections, the Democrats would have to fuck up even more mightily than last time for him to have a chance at getting back in. The people who wouldn't vote for him have seen what happens when they sit home and sulk instead of going out and voting, and I can't see them making that mistake again.
It's a dead cat he's tossing on the table to distract from the same fake Time magazine cover linked in TFS.
Hardly noteworthy these days, sadly...
People pirated a game available DRM-free AND for cheap? That just seems wrong.
You call Gen. Y'ers a bunch of entitled thieves and at the same time, you think that it's wrong that working full-time jobs should pay them enough to afford food, housing, healthcare and security. You end with a note that unless you protect the fruits of your labor with government-backed force, you'll never get paid.
Does being so hypocritical cause you to bleed out of your ears?
I'm sure non-addicted smartphone users are a minority, but not a null set.
The bigger problem is that this study reminded all participants of their smartphones before taking the test, possibly stimulating their curiosity to check their messages etc. There should've been another group that received no instruction regarding their phones.
There are some days when I'm leaving work or even arrive home and I notice that my phone's battery still has a high charge, and I realize I never used my phone that day.
I've been thinking that this latest round of politicians asking for encryption backdoors is running on "Ask for a pony to get a dog" logic. If you ask for a dog, you get a hamster.
They know backdoors are impractical to impossible. But if they push for backdoors, tech companies will step up their censorship and user screening efforts. When they ask for greater censorship and screening, they get a "meh we're already doing that" response.
I've been thinking about setting up a GPLed encrypted chat client (maybe just a quick fork of Signal) explicitly for terrorists so we can put a stop to this crap. Call it Talkorrist maybe. Spread copies of it on torrent and darknet sites. Then we can say "No matter what laws you pass, Talkorrist will still be there, so quit it." It's more in-your-face than the fact that the PGP source code is printed in books out there. That's probably a bunch of useless Cody Wilson-type thinking but it would be satisfying. Society does need to accept the fact that unbreakable secret communication is now possible and we're all better off for it.
Yes, of course: to IS militants, Islam equals jihad. To GOP militants, it's the exact reverse.